A rapidly growing number and variety of devices are acquiring an ability to connect to the Internet. Some examples of such devices are smart power switches, security cameras, illumination control devices, household appliances, network attached storage (NAS), and the like. These devices, often referred as Internet of Things (IoT), extend internet connectivity beyond traditional devices like desktop and laptop computers, smartphones and tablets to a diverse range of devices and everyday things that utilize embedded technology to communicate and interact with the external environment, all via the Internet.
Many of these devices are connected to the Internet through wireless (Wi-Fi) routers or access points, becoming parts of local networks. Usually, these devices are allowed to communicate both with devices on the same local network (for instance, wireless headphones), and with devices outside of the local network (for instance, mobile phones with vendor-specific applications providing remote access).
Such devices are often enabled to function both as HTTP/HTTPS clients, accessing remote servers for updates and to upload their data, and as HTTP/HTTPS servers, providing Application Programming Interfaces (APIs) that enable status control and data collection from other devices (IoT hubs, mobile phones, etc.).
The proliferation of connected devices with vendor-specific access patterns and security measures significantly increases security risks both inside and outside local networks. Rogue devices inside the local network may exploit vulnerabilities of other devices (for instance, Wi-Fi routers) to spy on network traffic, change DNS settings, access unauthorized data (for instance, shared directories on the local computers), or attack local devices (for instance, turn off smart switches, block security cameras etc.). Rogue devices capable of establishing connections with servers outside of the local networks may report data collected from local devices to unauthorized third parties, download malware to execute local attacks, or become parts of botnets capable of denial of service attacks or spam distribution.
With the increase in the number of device vendors and the variety of devices on the same network, it becomes more difficult to rely on individual vendors to control security. Even one compromised device inside the local network may present serious security and privacy threat.
Therefore, there is a need for solutions that would improve security of the systems comprised from untrusted devices connected to local networks. Preferably, such solutions should make connected devices more secure without degrading their usefulness and upgradeability, or incurring large additional costs.